Patch Technologies - Privacy Policy
This Privacy Policy (“Privacy Policy” or “Policy”) explains our practices regarding the collection, use, and disclosure of information that we receive through our website located at www.patch.io (the “Site”) and our communications with you (collectively, the “Services”). It also serves as a way to help you understand and exercise your privacy rights. This Privacy Policy does not apply to any third-party websites, services, or applications, even if they are accessible through our Services.
Revisions to this Privacy Policy
Any information that is collected via our Services is covered by the Privacy Policy in effect at the time such information is collected. We may revise this Privacy Policy from time to time. If we make any material changes to this Privacy Policy, we’ll notify you of those changes by posting them within the Services or by sending you an email or other notification, and we’ll update the “Last Updated” date above to indicate when those changes become effective.
Scope of the Privacy Policy
This Privacy Policy applies to all users of our Services including without limitation, site visitors, customers, and account holders, (all such users of the Services including account holders and non-account holders collectively referred to as “Users”).
Information That We Collect
This section describes the different types of Personal Data we may obtain about you.
Information that You Provide Directly
- Sign Up Information: When you sign up to create an account, we collect and retain certain information related to you or that can be used to identify you (“Personal Data”), including, in the case of account creation: your first and last names and email address..
- Through Communicating with Us: You may provide information to us when you use the Services, including when you contact us, respond to surveys, or provide feedback about the Services. This information may include your name, email address, phone number, address, order payment information, and other information that may relate to you or identify you. We also collect any information you provide to us when you send us emails with queries, feedback, or for any other reason.
- Purchase and Payment Information: When you pay for the Services, we will keep records of what you purchased or ordered, and will request financial information such as payment method or credit or debit card information so we can charge you for the purchase. We use a third-party payment processor to process payments made to us. In connection with the processing of such payments, we do not retain any personally identifiable information or any financial information such as full credit card numbers. Rather, all such information is provided directly to our third-party processor, Stripe, whose use of your personal information is governed by their privacy policy, which may be viewed at https://stripe.com/us/privacy. We do not directly collect or store any payment card information entered through our Services, but we may receive information associated with your payment card information (e.g., your billing details). To learn more about payments, please see the Payment and Payment Services section of our Terms of Service.
- Through Interactive Features: If you use any of our interactive features, such as messaging between Users, comment features, or social features, we will collect information that you might submit or make available. Information that you provide through public sharing features of the Services will be considered public, except where contrary to applicable law.
- Contact Information of Others: if you choose to share contact information of other individuals with us, for example if you are using a referral feature or a friend finder feature, we will collect and retain the contact information that you provide. Please only share the contact information of close friends and relations to you, or of others who have consented to such sharing of their information.
- Job Applications: We may post job openings and opportunities on our Services or elsewhere online. If you submit your application, CV and/or cover letter to us, we will collect and use that information, including any Personal Data contained therein as well as information gathered in interviews, to assess your qualifications (“Candidate Data”). We may also use this Candidate Data to monitor recruitment statistics, to communicate with you, to comply with laws, and as otherwise necessary for compliance, fraud prevention, and safety purposes. Candidate Data submitted in connection with your application for a position will be retained in accordance with the relevant laws in your country or jurisdiction of residence. Rights you may have with respect to Personal Data are described below in this Privacy Policy. If you are ultimately hired for a position, Candidate Data that you’ve provided to us will be retained as part of your employment records.
Information Collected Automatically
- Information Sent by Your Device: We collect certain information that your mobile device, laptop, or other hardware device sends when you use our Services, including but not limited to IP Address, user agent information, network and connectivity information, device identifiers, advertising identifiers, language preferences, user settings, software and operating system names and versions, hardware models, as well as other information about your use of our Services.
- Location Information: When you use our Services, we may collect and store information about your location by converting your IP address into a rough geo-location, by requesting precise location through your browser settings.
- Information Collected Using Cookies and other Web Technologies: Like many website and owners and operators, we (and our partners who assist us with marketing, analytics, User research, advertising, and User support) may utilize automated data collection tools such as cookies, web beacons, and pixel tags to collect certain information from Users of our Services. These tools are used for a variety of purposes, including but not limited to User authentication, account security, delivery and measuring of advertising, analyzing site traffic and trends, and fraud prevention. Cookies are small text files that are placed on your device by a web server when you access our Services. We may use both session cookies and persistent cookies to identify that you’ve logged in to the Services and to tell us how and when you interact with our Services. You have choices related to whether you want to accept (see the Your Choices section below). Please note, however, that if you don’t accept cookies, you may not be able to access all portions or features of the Services. Web beacons (also known as web bugs, pixel tags, or clear GIFs) are tiny graphics with a unique identifier that may be included on our Services for several purposes, including to deliver or communicate with cookies, to track and measure the performance of our Services, to monitor how many visitors view our Services, and to monitor the effectiveness of our advertising. Unlike cookies, which are stored on the device, Web Beacons are typically embedded invisibly on web pages (or in an email). Note when we used the defined term “Cookies” in this Privacy Policy, we are referring collectively to cookies, pixel tags, beacons, and similar tracking technologies. Our use of Cookies falls into the following general categories:
- Necessary Cookies: We use this type of Cookie to run our site, and to identify and prevent security risks. For instance, we may use these cookies to store your session information to prevent others from changing your password without your username and password.
- Performance Cookies: We use this type of Cookie to collect information about how you use our site, monitor site performance, and improve our site performance, our services, and your experience. For example, we can use these Cookies to learn more about which features are the most popular with our Users and which ones might need some tweaks.
- Preference Cookies: We use this type of Cookie to remember your settings and preferences, and to improve your experience on our site. For instance, we may use these Cookies to remember your language preferences.
- Marketing Cookies: We use this type of Cookie to deliver advertisements, to make them more relevant and meaningful to consumers, and to track the efficiency of our advertising campaigns, both on our services and on other sites or mobile apps.
- Interaction Data: We also collect information relating to the actions that you perform while logged into your account.
Information From Third Parties
We may also obtain information about Users from third parties, including but not limited to affiliates, joint marketing partners, lead providers, fraud and risk mitigation vendors, and identify verification services.
How We Use the Information
Our primary goals in collecting information are to provide and improve our Services, to customize content and the Services for you, to administer your use of the Services (including your account, if you are an account holder), and to enable you to enjoy and easily navigate our Services. We will use your Personal Data for the following purposes:
- Providing our Services, including to, communicate with you, and provide customer support in relation to the Services;
- Resolving disputes, responding to inquiries, collecting and processing payments fees (as applicable) and troubleshooting problems;
- Collecting and processing payment;
- Managing our everyday business needs, including, but not limited to the following activities: auditing, administration of the Services, forum management, fulfillment, analytics, fraud prevention, identity verification, and enforcement of our Terms of Service, or to comply with applicable laws or regulations;
- Customizing your experience and otherwise measuring and improving our content and Services;
- Sending you relevant emails and communications (including keeping you informed about our products, offerings, and any promotional offers) that might be of interest to you. (In the event that we use your Personal Data to market to you, you will be able to opt-out of such uses);
- Enforcing our agreements, terms, conditions, and policies, and sending you notices and alerts;
- Better understanding our Users’ interests, behaviors, and demographics;
- Short-term, transient use, such as contextual customization of ads;
- Auditing relating to interactions, transactions and other compliance activities, and;
- Detecting security incidents, protecting against malicious, deceptive, fraudulent or illegal activity, and prosecuting those responsible for that activity.
We may use Personal Data and other information about you to create de-identified and/or aggregated information, such as de-identified demographic information, de-identified location information, or de-identified information about the device from which you access our Services.
We may also use your information for any other purpose disclosed to you at the time we collect or receive your information, or otherwise with your consent.
Information that We Share with Third Parties
We may share information you provide us, including your Personal Data, with third parties, in the types of scenarios, and for the types of reasons described in this section.
- Service Providers and Business Partners: We may engage third-party service providers to help us administer, provide, and improve the Services, including but not limited to the following types of partners: third party financial financial institutions and financial services companies, web hosting providers, cloud hosting providers, fraud detection services, identity verification services, fulfillment service providers, and customer support partners. These third-party service providers will have access to your Personal Data for the purpose of performing services on our behalf. For example, we may share your Personal Data with a cloud hosting provider (for example, Amazon Web Services) as part of our utilization of their hosting services.
- Carbon Credit Project Developers and Credit Suppliers: If you purchase carbon credits through our Services, we may share Personal Data about you - such as your name, email address, and purchase information - with the developer or supplier of those credits. In certain instances where credits may be retired on your behalf specifically, your name may also appear in public registries as the person who retired the credits.
- At Your Request: We may share information about you with third parties in the event that you request we do so, for example, with other Users or groups of Users or the public if you request that or if, for instance, you use a feature that performs that type of sharing function. Similarly we may share information about you with companies offering complimentary services, promotions, or offers through our Site or Services, if you request, or consent, that we share your information.
- Other Third Parties: We may share de-identified or aggregated data we collect from the use of the Services, including but not limited to de-identified or aggregated: transaction or investment information, location information, information about the computer or device from which you access the Services, market trends, and other analysis that we create based on the information we receive from you and other Users.
- Our Subsidiaries and Affiliates: We share information with our corporate subsidiaries and affiliates, including parent and holding companies, for our administrative purposes, including activities such as IT management, auditing and compliance, and for them to provide services to you or support and supplement the Services we provide.
- With Your Consent: There may be other circumstances where we will notify you of information that we seek to share with a third party not listed here, and will do so with your consent
- Information Shared with Web Analytics Services Providers: We may use some or all of the following analytics services:
- Google: We use Google Analytics, a service provided by Google, Inc. (“Google”), to gather information about how Users engage with our Site and Services. For more information about Google Analytics, please visit this page. You can opt out of Google’s collection and processing of data generated by your use of the Services by going here.
- Segment: We use a service provided by Segment, Inc. (“Segment”) to provide us with analytics data regarding Users’ interactions with our Site and Services. You may opt-out of Segment’s automatic retention of data that is collected while using the Services by visiting this page. To track opt-outs, Segment uses a persistent opt-out cookie placed on your device. Please note that if you get a new computer, install a new browser, erase or otherwise alter the browser’s cookie file (including upgrading certain browsers), you may delete the Segment opt-out cookie.
- Information Disclosed in Connection with Business Transactions: If we are acquired by a third party as a result of a transaction such as a merger, acquisition, or asset sale, or if our assets are acquired by a third party in the event we go out of business or enter bankruptcy, some or all of our assets, including your Personal Data, may be disclosed or transferred to a third party acquirer in connection with the transaction.
- Information Disclosed for Our Protection and the Protection of Others: We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (i) to respond to claims, legal process (including subpoenas); (ii) to protect our property, rights and safety and the property, rights and safety of a third party or the public in general; and (iii) to stop any activity that we consider illegal, unethical or legally actionable activity.
- With Advertising Partners and Social Media. Your Personal Data may be shared with certain advertising partners who conduct or assist us with marketing, as well as advertising and social media partners who we allow to place cookies (or similar technology) in our Services as necessary to their provision of various services, including but not limited to ad attribution, ad placement, audience measurement, social sharing, and site analytics.
Your Privacy Rights
Based upon the laws that apply in your jurisdiction, you may have some or all of the following rights, related to your privacy and Personal Data. Please note that for each of the rights below we may have valid legal reasons to refuse your request. In such instances we will let you know if that is the case. To inquire about or to exercise any of these rights, you may contact us at privacy@patch.io. We will process such requests in accordance with applicable laws.
- Access: the right to access Personal Data about you, including: (i) confirming whether we are processing your Personal Data; (ii) obtaining access to or a copy of your Personal Data; and (iii) receiving an electronic copy of Personal Data that you have provided to us, or asking us to send that information to another company (the “right of data portability”);
- Correction: the right to request correction of your Personal Data where it is inaccurate or incomplete. In some cases, we may provide self-service tools that enable you to update your Personal Data;
- Deletion: the right to request deletion of your Personal Data;
- Objection: the right to request restriction of or object to our processing of your Personal Data; and
- Withdraw Consent: the right to withdraw your consent to our processing of your Personal Data.
Your Choices
We offer you choices regarding the collection, use and sharing of your Personal Data and we’ll respect the choices you make. Please note that if you decide not to provide us with the Personal Data that we request, you may not be able to access all of the features of the Services.
- Opt-Out of our Mailings: We may periodically send you free newsletters and emails that directly promote our Services. When you receive such promotional communications from us, you will have the opportunity to “opt-out” (by following the unsubscribe instructions provided in the email you receive). We do need to send you certain communications regarding the Services and you will not be able to opt out of those communications – e.g., communications regarding updates to our Terms of Service or this Privacy Policy or information about billing.
- Cookie and Ad Tracking Choices: You can opt out of the collection and use of your information for ad targeting by going here or here or here to limit collection through the Site, by configuring the settings on your browser, or by using cookie blocking extensions in your browser (such as Privacy Badger or Ghostery).
- Modifying Your Information: You can access and modify the Personal Data associated with your account by sending an email to privacy@patch.io. If you want us to delete your Personal Data or your account, please contact us at privacy@patch.io with your request. We’ll take steps to delete your information as soon as we can, but some information may remain in archived/backup copies for our records or as otherwise required by law.
- Additional Choices: As discussed below, additional choices may be available to you under the EU’s General Data Protection Regulation (see section below), California law, or Nevada law. You can learn about those choices in the specific privacy notices contained below in this Privacy Policy.
Responding to Do Not Track Signals
Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. Our Site does not currently have the capability to respond to “Do Not Track” signals received from various web browsers. To find out more about "Do Not Track," please visit http://www.allaboutdnt.com.
The Security of Your Information
We take reasonable administrative, physical, and electronic measures designed to protect the information that we collect from or about you (including your Personal Data) from unauthorized access, use or disclosure. When you enter sensitive information on our forms, we encrypt this data using SSL or other technologies. Please be aware, however, that no method of transmitting information over the Internet or storing information is completely secure. Accordingly, we cannot guarantee the absolute security of any information. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on our Services, by mail or by sending an email to you.
Data Retention
We need to retain the information you provide us in order to provide our Services, and we retain such information for as long as you maintain your account, at a minimum. We also retain certain relevant information, including transaction, location, device, and usage information, for as long as it is required to do so, in connection with regulatory, tax, insurance, legal, administrative, and other requirements. You may request deletion of your account at any time as provided above. Following such a request, we will delete the information that it is not necessary to retain. In certain circumstances, we may be unable to delete your account, such as if there is an outstanding credit or debt on your account or an unresolved dispute, ongoing investigation (e.g. for fraud or misuse), or we believe that we may be required to retain your account for legal reasons. Upon resolution of the issue preventing deletion, we will delete your account as described above. We may also retain certain information if necessary for our legitimate business interests, such as fraud prevention and enhancing Users' safety and security. For example, if we shut down a User's account because of security or fraud incidents, we may retain certain information about that account to prevent that User from opening a new account in the future.
Links to Other Sites
Our Services may contain links to websites and services that are owned or operated by third parties (each, a “Third-party Service”). Any information that you provide on or to a Third-party Service or that is collected by a Third-party Service is provided directly to the owner or operator of the Third-party Service and is subject to the owner’s or operator’s privacy policy. We’re not responsible for the content, privacy, or security practices and policies of any Third-party Service. To protect your information we recommend that you carefully review the privacy policies of all Third-party Services that you access.
Processing Information in the United States
We are headquartered in the United States and may use service providers that operate in other countries. Your Personal Data may be transferred to, and maintained on, computers located outside of your state, province, or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. We strive to safeguard your information consistent with the requirements of applicable laws by taking reasonable administrative, physical, and electronic measures designed to protect the information that we collect from or about you from unauthorized access, use, or disclosure. However, no security measures are failsafe and we cannot guarantee the security of your personal information.
Our Policy Toward Children
Our Services are not directed to children under 16, and we do not knowingly collect Personal Data from children under 16. If we learn that we have collected Personal Data of a child under 16, we will take steps to delete such information from our files as soon as possible.
Privacy Notice for European and Brazilian Users
We are providing this supplemental privacy notice to European data subjects (including Users in the EEA, UK, and Switzerland), pursuant to European data protection laws including the General Data Protection Regulation (“GDPR”) and Brazilian data subjects, pursuant to Brazilian data protection laws including the General Personal Data Protection law (“LGPD”). Patch Technologies, Inc. is the controller of your Personal Data. This means that Patch Technologies Inc. is responsible for how your Personal Data is handled. And we encourage you to review the remainder of this section to understand the bases upon which we process Personal Data as well as the rights afforded to you.
Bases for Processing of Personal Data
Pursuant to the GDPR and LGPD, we may process Personal Data under only the following conditions:
Rights Under the GDPR and LGPD
Where the GDPR or LGPD apply, you have rights in relation to the Personal Data we hold about you. We set out below an outline of those rights and how to exercise those rights. Please note that we will require you to verify your identity before responding to any requests to exercise your rights by providing details only known to the account holder. Please note that for each of the rights below we may have valid legal reasons to refuse your request. In such instances we will let you know if that is the case. To inquire about or to exercise any of these rights, you may contact us at privacy@patch.io.
- Access: You have the right to know whether we process Personal Data about you, and if we do, to access data we hold about you and certain information about how we use it and who we share it with.
- Portability: You have the right to receive a subset of the Personal Data you provide us if we process it on the legal bases of our contract with you or with your consent in a structured, commonly used and machine-readable format and a right to request that we transfer such Personal Data to another party. If you wish for us to transfer the Personal Data to another party, please ensure you detail that party and note that we can only do so where it is technically feasible. We are not responsible for the security of the Personal Data or its processing once received by the third party.
- Correction: You have the right to require us to correct any Personal Data held about you that is inaccurate and have incomplete data completed. When you request correction, please explain in detail why you believe the Personal Data we hold about you to be inaccurate or incomplete so that we can assess whether a correction is required. Please note that while we assess whether the Personal Data we hold about you is inaccurate or incomplete, you may exercise your right to restrict our processing of the applicable data as described below.
- Erasure: You may request that we erase the Personal Data we hold about you in the following circumstances: where you believe it is no longer necessary for us to hold the Personal Data; we are processing it on the basis of your consent and you wish to withdraw your consent; we are processing your data on the basis of our legitimate interest and you object to such processing; you no longer wish us to use your data to send you marketing; or you believe we are unlawfully processing your data. Please provide as much detail as possible on your reasons for the request to assist us in determining whether you have a valid basis for erasure. Please know there may be some types of Personal Data that we are required to retain for legal, regulatory, or accounting reasons, or other legitimate interests.
- Restriction of Processing to Storage Only: You have a right to require us to stop processing the Personal Data we hold about you other than for storage purposes in the following circumstances: you believe the Personal Data is not accurate for the period it takes for us to verify whether the data is accurate; we wish to erase the Personal Data as the processing we are doing is potentially unlawful but you want us to simply restrict the use of that data; we no longer need the Personal Data for the purposes of the processing but you require us to retain the data for the establishment, exercise or defense of legal claims; or you have objected to us processing Personal Data we hold about you on the basis of our legitimate interest and you wish us to stop processing the Personal Data while we determine whether there is an overriding interest in us retaining such Personal Data.
- Objection: You have the right to object to our processing of data about you and we will consider your request. Please provide us with detail as to your reasoning so that we can assess whether there is a compelling overriding interest in us continuing to process such data or we need to process it in relation to legal claims. You also have the right, at any time, to object to our processing of data about you in order to send you marketing, including where we build profiles for such purposes and we will stop processing the data for that purpose.
- Withdrawal of Consent: Where you have provided your consent to us processing your Personal Data, you can withdraw your consent at any time by emailing us at the address above in this section.
Complaints and Questions
If you’re based in the EU, you can always file a complaint with the supervisory authority in your Member State. That said, we’d encourage you to reach out to us directly first (at privacy@patch.io) so we can try to assist you with your questions or help you exercise the rights you’re seeking to exercise.
Privacy Questions
We know issues of privacy and data protection are complex. But we’re here to help in any way we can. So please contact us, via email (below) if you have any questions about your Personal Data, our data practices, or this Privacy Policy.
Patch Technologies, Inc
249 Hickory Street
San Francisco, CA 94102
privacy@patch.io